Güncel Güvenlik Açıkları

Auth. (contributor+) Cross-Site Scripting vulnerability in TCBarrett WP Glossary plugin <= 3.1.2 versions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

Unauthorized error injection in Intel(R) SGX or Intel(R) TDX for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

Improper access control vulnerability in GROWI prior to v5.1.4 (v5 series) and versions prior to v4.5.25 (v4 series) allows a remote authenticated attacker to bypass access restriction and download the markdown data from the pages set to private by the other users. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National…

Improper authorization in handler for custom URL scheme vulnerability in Lemon8 App for Android versions prior to 3.3.5 and Lemon8 App for iOS versions prior to 3.3.5 allows a remote attacker to lead a user to access an arbitrary website via the vulnerable App. As a result, the user may become a victim of a…

Untrusted search path vulnerability in the installer of Content Transfer (for Windows) Ver.1.3 and prior allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

An out-of-bounds write vulnerability exists in the CSR format title functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability…

Auth. (contributor+) Stored Cross-Site Scripting vulnerability in Galleryape Gallery Images Ape plugin <= 2.2.8 versions. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior deserialize user-supplied data provided through the Device-DataCollect service port without proper verification. An attacker could provide malicious serialized objects to execute arbitrary code upon deserialization. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service. Zafiyet ile ilgili Genel Bilgi, Etki ve…

IBM Spectrum Scale (IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0) could allow programs running inside the container to overcome isolation mechanism and gain additional capabilities or access sensitive information on the host. IBM X-Force ID: 237815. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database

IBM Spectrum Scale Container Native Storage Access 5.1.2.1 through 5.1.6.0 contains an unspecified vulnerability that could allow a local user to obtain root privileges. IBM X-Force ID: 237810. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database